unsigned int usage = 0, server, ask;
gnutls_x509_crq_t crq; /* request */
unsigned pk;
+ char timebuf[SIMPLE_CTIME_BUF_SIZE];
ret = gnutls_x509_crt_init(&crt);
if (ret < 0) {
if (ca_crt && (secs > gnutls_x509_crt_get_expiration_time(ca_crt))) {
time_t exp = gnutls_x509_crt_get_expiration_time(ca_crt);
- fprintf(stderr, "\nExpiration time: %s", ctime(&secs));
- fprintf(stderr, "CA expiration time: %s", ctime(&exp));
+ fprintf(stderr, "\nExpiration time: %s\n", simple_ctime(&secs, timebuf));
+ fprintf(stderr, "CA expiration time: %s\n", simple_ctime(&exp, timebuf));
fprintf(stderr, "Warning: The time set exceeds the CA's expiration time\n");
ask = 1;
}
gnutls_datum_t data;
char prefix[128];
int ret;
+ char timebuf[SIMPLE_CTIME_BUF_SIZE];
print_dn("\tSigner's issuer DN", &info->issuer_dn);
print_raw("\tSigner's serial", &info->signer_serial);
print_raw("\tSigner's issuer key ID", &info->issuer_keyid);
if (info->signing_time != -1)
- fprintf(outfile, "\tSigning time: %s", ctime(&info->signing_time));
+ fprintf(outfile, "\tSigning time: %s\n", simple_ctime(&info->signing_time, timebuf));
fprintf(outfile, "\tSignature Algorithm: %s\n", gnutls_sign_get_name(info->algo));
{
logfile = file;
}
+
+/* This is very similar to ctime() but it does not force a newline.
+ */
+char *simple_ctime(const time_t *t, char out[SIMPLE_CTIME_BUF_SIZE])
+{
+ struct tm tm;
+
+ if (localtime_r(t, &tm) == NULL)
+ goto error;
+
+ if (!strftime(out, SIMPLE_CTIME_BUF_SIZE, "%c", &tm))
+ goto error;
+
+ return out;
+
+ error:
+ snprintf(out, SIMPLE_CTIME_BUF_SIZE, "[error]");
+ return out;
+}
# define set_read_funcs(x)
#endif
+#define SIMPLE_CTIME_BUF_SIZE 64
+char *simple_ctime(const time_t *t, char buf[SIMPLE_CTIME_BUF_SIZE]);
+
#endif /* GNUTLS_SRC_COMMON_H */
int ret;
unsigned int status, cert_status;
time_t rtime, vtime, ntime, now;
+ char timebuf1[SIMPLE_CTIME_BUF_SIZE];
+ char timebuf2[SIMPLE_CTIME_BUF_SIZE];
now = time(0);
}
if (cert_status == GNUTLS_OCSP_CERT_REVOKED) {
- printf("*** Certificate was revoked at %s", ctime(&rtime));
+ printf("*** Certificate was revoked at %s\n", simple_ctime(&rtime, timebuf1));
ret = 0;
goto cleanup;
}
if (ntime == -1) {
if (now - vtime > OCSP_VALIDITY_SECS) {
printf
- ("*** The OCSP response is old (was issued at: %s) ignoring",
- ctime(&vtime));
+ ("*** The OCSP response is old (was issued at: %s) ignoring\n",
+ simple_ctime(&vtime, timebuf1));
ret = -1;
goto cleanup;
}
} else {
/* there is a newer OCSP answer, don't trust this one */
if (ntime < now) {
- printf
- ("*** The OCSP response was issued at: %s, but there is a newer issue at %s",
- ctime(&vtime), ctime(&ntime));
+ printf("*** The OCSP response was issued at: %s but there is a newer issue at %s\n",
+ simple_ctime(&vtime, timebuf1), simple_ctime(&ntime, timebuf2));
ret = -1;
goto cleanup;
}
}
finish_ok:
- printf("- OCSP server flags certificate not revoked as of %s",
- ctime(&vtime));
+ printf("- OCSP server flags certificate not revoked as of %s\n",
+ simple_ctime(&vtime, timebuf1));
ret = 1;
cleanup:
gnutls_ocsp_resp_deinit(resp);
unsigned int oflags;
const char *vendor;
char *objurl;
+ char timebuf[SIMPLE_CTIME_BUF_SIZE];
ret =
gnutls_pkcs11_obj_export_url(crt_list[i], detailed,
}
if (otype == GNUTLS_PKCS11_OBJ_X509_CRT && exp != -1) {
- fprintf(outfile, "\tExpires: %s", ctime(&exp));
+ fprintf(outfile, "\tExpires: %s\n", simple_ctime(&exp, timebuf));
}
gnutls_free(output);
if (accept_fd < 0) {
perror("accept()");
} else {
+ char timebuf[SIMPLE_CTIME_BUF_SIZE];
time_t tt = time(0);
char *ctt;
j->close_ok = 0;
if (verbose != 0) {
- ctt = ctime(&tt);
+ ctt = simple_ctime(&tt, timebuf);
ctt[strlen(ctt) - 1] = 0;
printf
projects / thirdparty / gnutls.git / commitdiff
